Static analysis, test coverage, and other 12+ letter words

It is hard to maintain complex C code free of bugs. Numerous tools have been developed to help, and we have thrown many of them at the PostgreSQL source code.

We will take a look at tools such as

Coverity

Clang scan-build

AddressSanitizer

Valgrind

Gcov

How do they work? How should their results be interpreted? What have they and have they not delivered for us in practice? How can we integrate them into our workflow going forward? How can we structure our code better to work with tools like these?